Custom APDU implementation Mifare Plus EV2

KennethBarrera · ‎06-09-2025

Hello, good day.

A few days ago, I purchased a terminal model P18Q, which supports the following authentication methods for MIFARE Plus cards. The provider informed me that I need to implement my own encryption algorithms to send commands to the card, which is operating in SL3 mode, and authenticate to a specific sector.

Using the official NXP library, I am able to authenticate, read, and write to the card without any issues. However, with my custom implementation — where I send my key along with the challenge response — I consistently receive an error during the mplus_firstAuth_f2 process.

Does anyone know if I am performing the authentication correctly? Unfortunately, I cannot use the official NXP library on this terminal, as it does not have a standard Android NFC reader. Instead, it relies on an external terminal with which I can only communicate through APDUs.

EduardoZamora · ‎06-10-2025

Hello @KennethBarrera

Hope you are doing well.

Please, consider that our support is limited to the usage of NFC Readers from our portfolio and our recommended NFC Reader Library / TapLinx SDK.

Besides the native command set, MIFARE Plus EV2 supports ISO/IEC 7816-4 commands. MF1P(H)x2 supports an optional wrapping into ISO/IEC 7816-4 APDUs of the native command set available after ISO/IEC 14443-4 activation for all security levels.

As you might know, some of the documentation supporting MIFARE Plus EV2 is secured under NDA (Non-Disclosure Agreement), the information is not public and it is located under the MIFARE Plus EV2 Secure Files. For further information, you might need to request access to the MIFARE Plus EV2 Secure Data Sheet.

Regards,
Eduardo.

KennethBarrera · ‎06-11-2025

Hello, good day, thank you very much for your response. Excuse me, I would like to ask you two things.
Will any of the NXP readers allow me to interact with the Mifare plus EV2 card using the TapLinx SDK? And if this is not possible, with the terminal that I have purchased, is it possible to use any of the NXP libraries so that once the authentication is completed, I can send a read request to the terminal while I calculate the session key and the CMAC using one of the methods provided by you?

EduardoZamora · ‎06-12-2025

Hi,

TapLinx is an SDK that provides some tools for contactless applications development in smartphones; it is available for Android, iOS and Java.

NFC Reader Library offer support for our NFC Frontend ICs (NFC Readers); it is written in C and provides an API that facilitates the most common operations required in NFC applications such as reading or writing data into contactless cards or tags.

Both the NFC Reader Library and TapLinx SDK support MIFARE Plus EV2. However, software and demos supporting MIFARE Plus EV2 (NFC Reader Library) are secured under NDA and must be requested through the Secure Files.

Something important to remark is that we do not support porting our software to any third-party platform, and all implementations must be done by the user based on their requirements and the documentation available for MIFARE Plus EV2.

Regards,
Eduardo.